What is Amazon WorkSpaces Web? - Amazon WorkSpaces Web

What is Amazon WorkSpaces Web?

WorkSpaces Web is a low cost, fully managed WorkSpace built specifically to facilitate secure, web- based workloads. WorkSpaces Web makes it easy for customers to safely provide their employees with access to internal websites and SaaS web applications without the administrative burden of appliances or specialized client software. WorkSpaces Web provides simple policy tools tailored for user interactions, while offloading common tasks like capacity management, scaling, and maintaining browser images.

WorkSpaces Web delivers a simple administration and commitment-free solution to support workers that only need access to internal and SaaS web applications. WorkSpaces Web pixel streams web content from AWS, so sensitive company web data never resides on remote devices reducing the risk of data exfiltration. Streaming also provides a barrier between internal servers and local devices, preventing the transmission of device-borne malware to internal servers. WorkSpaces Web applies browser policies on your or the customer’s behalf to isolate users to the web browser interface. As a result, they are unable to install applications from the internet or access the terminal or operating system menus during a session.

WorkSpaces Web is automatically managed, with capacity, scaling and browser images updated to the latest version of Chrome by AWS. Each WorkSpaces Web session starts with a fresh and fully updated Chrome browser, with your enterprise browser policy applied. At the end of the session, the instance is terminated, so company data never resides on remote devices. WorkSpaces Web provides customers with simple tools to customize the browser experience, like setting a startURL or bookmarks, and allows them to apply polices for use of the clipboard, printer, and file transfer. WorkSpaces Web also supports full Chrome Enterprise Policy on Linux, so customers can make use of over 300 user and device browser policies.

Getting started with WorkSpaces Web takes two steps. First, administrators create an WorkSpaces Web Portal from the WorkSpaces Web console. Second, administrators distribute the endpoint URL so users can access their streaming browser, either by adding to an existing SAML2.0 application gateway or by emailing the URL to users. Then, users access the endpoint from their existing browser, sign in with their SAML credentials, and start their session from the startup URL set by the administrator. Administrators are in full control of what content users may browse to. They can set URL allowlist and denylist policies with Chrome Policy, or filter browser traffic through their VPC. WorkSpaces Web works with SAML2.0 identity providers (like Okta and Ping) and honors existing enforcement policies. WorkSpaces Web only charges customers monthly for users that sign in to the streaming web browser, and requires no up-front costs, licenses, or ongoing agreements.